Time-based multivariable secure facility alarm system

ABSTRACT

An exemplary embodiment provides for a computer-implemented method that generates a time-based multivariable secure facility alarm. The method includes selecting a person for alert monitoring, alert monitor criteria pertaining to the person and alarm notification rules. When an occurrence that satisfies the alert monitor criteria are detected, an alarm notification, based upon the alarm notification rules, is generated. The method&#39;s alert monitor criteria include at least two events and a time period such that the alert monitor criteria is satisfied when the at least two events occur within the time period. Additionally, at least one event of the at least two events is a non-telephonic event.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation application of and, thereby,claims benefit under 35 U.S.C. §120 to U.S. application Ser. No.14/211,379, entitled, “Time-Based Multivariable Secure Facility AlarmSystem,” filed on Mar. 14, 2014, issued as U.S. Pat. No. 9,232,178, andincorporated herein by reference. U.S. application Ser. No. 14/211,379claims the benefit under 35 U.S.C. §119(e) to U.S. Provisional PatentApplication Ser. No. 61/801,119, filed on Mar. 15, 2013, entitled“Administrative Functions in a Controlled Facility,” and is hereinincorporated by reference.

BACKGROUND

Typically, automatically generated, security-related alarms, used insecure facilities and elsewhere, do not provide great value toinvestigators and security personnel as they are often based on one-off,somewhat generic occurrences that are not representative of situationsthat actually deserve attention. Also, they may occur frequently enoughthat they are perceived as annoyances to be ignored. Due to that,situations of interest may potentially be missed.

Additionally, automatically generated, security-related alarms may betriggered based on ‘obvious’ potentialities that are straightforward todetect but also easily avoided by more sophisticated, potentialperpetrators.

Due to these deficiencies, and perhaps other ones, there is a need forimproved security alarm systems.

SUMMARY

The following embodiments and aspects thereof are described andillustrated in conjunction with systems, tools and methods which aremeant to be exemplary and illustrative, not limiting in scope. Invarious embodiments, one or more of the above-described problems havebeen reduced or eliminated, while other embodiments are directed toother improvements.

An exemplary embodiment provides for a computer-implemented method thatgenerates a time-based multivariable secure facility alarm. The methodincludes selecting a person for alert monitoring, alert monitor criteriapertaining to the person and alarm notification rules. When anoccurrence that satisfies the alert monitor criteria are detected, analarm notification, based upon the alarm notification rules, isgenerated. The method's alert monitor criteria include at least twoevents and a time period such that the alert monitor criteria issatisfied when the at least two events occur within the time period.Additionally, at least one event of the at least two events is anon-telephonic event.

One or more embodiments also provide for investigators to customize howthey are notified of alarms. For example, the time of day an alarmoccurs may be specified to send an alarm notification in a manner thatdiffers if the same alarm occurs during another part of the day. Oneexample may be a text message-delivered alarm notification if the alarmoccurs during working hours and during all other hours an automatedphone call would be utilized.

Various other aspects include an ability to set alarms based on, atleast in part, interactions involving friends and families of detaineesas well as financial transactions (for example, but not limited to,details such as the depositor, currency source (cash, credit card, etc),amount, number of transactions).

In addition to the exemplary aspects and embodiments described above,further aspects and embodiments will become apparent by reference to thedrawings and by study of the following descriptions.

BRIEF DESCRIPTION OF DRAWINGS

Exemplary embodiments are illustrated in referenced figures of thedrawings. It is intended that the embodiments and figures disclosedherein are to be considered illustrative rather than limiting.

FIGS. 1-4, 5A, 5B, and 6 are schematic diagrams of an example securefacility call management system that may be used in conjunction with theclaimed embodiments;

FIGS. 7-10 are schematic diagrams that illustrate methods and system foridentity verification in a detention environment; and

FIGS. 11-14 are flowchart diagrams that illustrate an example method forimplementing a time-based multivariable alarm system.

DETAILED DESCRIPTION

Specific embodiments of the invention will now be described in detailwith reference to the accompanying figures. Like elements in the variousfigures are denoted by like reference numerals for consistency.

In the following detailed description of embodiments of the invention,numerous specific details are set forth in order to provide a morethorough understanding of the invention. However, it will be apparent toone of ordinary skill in the art that the invention may be practicedwithout these specific details. In other instances, well-known featureshave not been described in detail to avoid unnecessarily complicatingthe description.

The claimed embodiments provide for a time-based multi-variable alarmsystem which may be utilized for creating alarms based on more than oneevent related to a person, such as a detainee. The claimed embodimentsare time-based in that alarms are triggered when pre-defined eventsoccur within a specified time period. For example, if two events arespecified, an alarm may be configured to trigger when the second eventoccurs within four hours after the first event occurs. The system alsoprovides for at least one event not being telephonic such as a financialtransaction. The system further provides for configurable alarmnotifications based on, in some implementations, alarm time-of-dayoccurrence is pre-configured to specify who will be notified and how thenotification is delivered.

Exemplary methods for utilizing the claimed residence-based ratingembodiments will be further described in a later section. Firstly, FIGS.1-6 will now be presented and then followed by FIGS. 7-10 whichillustrate pre-verification methods.

FIGS. 1-4, 5A, 5B, and 6 are schematic diagrams of an example securefacility call management system that may be used in conjunction with theclaimed embodiments.

FIG. 1 shows a diagram of a system in accordance with at least oneimplementation of the claimed embodiments. As shown in FIG. 1, thesystem includes a controlled facility (100), an outside facility (102),third party providers (104), and an outsider computing device (106) eachcommunicatively coupled to a communications network (108). Thecontrolled facility (100) may include, but is not limited to, a kiosk(110), an administrator application (112), an inmate phone (114), and aninmate computing device (116). The outside facility (102) may include anapplication server (118) and a database server (120). The third partyproviders (104) may include a media server (122), a web server (124),and a datacenter (126). The outsider computing device (106) may includean outsider application (128).

In at least one implementation of the claimed embodiments, a controlledfacility (100) is an access-restricted location. Examples of controlledfacilities (e.g., controlled facility (100)) include, but are notlimited to, detention environments (e.g., jails, prisons, etc.),immigration detention centers, military centers, government securesites, law enforcement holding structures, secure business complexes,and psychiatric hospitals.

In at least one implementation of the claimed embodiments, an inmate isa person within a controlled facility (100) who is subject to one ormore restrictions, primarily to his or her freedom or rights. Examplesof inmates include, but are not limited to, prisoners, wards of thestate, parolees, employees working in a secure business complex,temporary or long-term internees, patients, military personnel,uncharged suspects, and refugees. Inmate restrictions may be part of acourt-imposed sentence on an inmate, while others may be specific to thecontrolled facility (100) in which the inmate resides. Restrictions mayinclude limitations on an inmate's physical movement (i.e., physicalrestrictions) and limitations on the inmate's ability to communicate(i.e., communication restrictions). Communication restrictions includeinmate use restrictions, inmate target restrictions, and device userestrictions.

In at least one implementation of the claimed embodiments, inmate userestrictions are limitations on an inmate's general ability tocommunicate with visitors and/or outsiders. Inmate use restrictions mayinclude, for example, periods of time in which an inmate is not allowedto communicate with outsiders and/or visitors (e.g., between 10 PM and 8AM, during an imposed one-week punitive period, etc.) and limitationsbased on lack of funds (e.g., insufficient commissary account balance toinitiate a communication).

In at least one implementation of the claimed embodiments, inmate targetrestrictions are limitations on the target and/or source of acommunication with the inmate. Inmate target restrictions may bespecific outsiders and/or visitors with whom the inmate is not allowedto communicate (e.g., the victim of a crime perpetrated by the inmate,etc.). Inmate target restrictions may also include types of people withwhom the inmate is not allowed contact (e.g., outsiders who are ex-cons,minors under the age of 18, etc.).

In at least one implementation of the claimed embodiments, device userestrictions are restrictions based on the condition and/or state of thecommunication device used by the inmate. Device use restrictionsinclude, for example, limitations based on the location of the inmate'smobile device, limitations imposed based on a determination that thedevice has been tampered with, etc.

In at least one implementation of the claimed embodiments, an outsideris a person outside the controlled facility (100) who may be the sourceand/or target of a communication with an inmate. In at least oneimplementation of the claimed embodiments, outside the controlledfacility (100) means external to the physical perimeter of thecontrolled facility (100). An outsider who enters the controlledfacility (100) for the purpose of communicating with an inmate isreferred to as a visitor.

In at least one implementation of the claimed embodiments, the kiosk(110) is a computing system with functionality to facilitatecommunication between an inmate and a visitor and/or outsider. Suchcommunication facilitation may include creating a system identity dataitem and/or secure social networking account, adding and/or importingcontact information for outsiders with whom the inmate wishes tocommunicate, uploading media (e.g., photos, videos, audio, and text) to,and/or viewing media from, a secure social network, sending and/orreceiving messages and/or other media, acting as an endpoint for voiceand video communication between an inmate and a visitor and/or outsider,scheduling a communication, and managing a commissary and/orcommunications account. Further detail about kiosks (e.g., kiosk (110))is provided in FIG. 2, FIG. 5A, FIG. 5B, and FIG. 6. Kiosks may also, insome implementations, be deployed outside of controlled facility (100).

In at least one implementation of the claimed embodiments, theadministrator application (112) is a process or group of processesexecuting on a computing system with functionality to enable anadministrator to create, remove, and/or enforce one or more restrictionson an inmate. In at least one implementation of the claimed embodiments,an administrator is a person associated with the controlled facilitycharged with enforcing one or more restrictions. Examples ofadministrators include, but are not limited to, prison guards,orderlies, wardens, prison staff, jailers, information technologytechnicians, system administrators, and law enforcement agents. Usingthe administrator application, an administrator may retrieve and/oralter the identity data item and/or secure social network account of aninmate, visitor, and/or outsider. Further detail about the administratorapplication (112) is provided in FIG. 2.

In at least one implementation of the claimed embodiments, the inmatephone (114) is a device with functionality to send and receive audiocommunications between an inmate and an outsider and/or visitor. In atleast one implementation of the claimed embodiments, the inmate phone(114) is a stationary (i.e., non-mobile) device. Further, a singleinmate phone (114) may be used by more than one inmate. Further detailabout the inmate phone (114) is provided in FIG. 2.

In at least one implementation of the claimed embodiments, the inmatecomputing device (116) is a computing device with functionality toenable an inmate to communicate with a visitor and/or outsider.Specifically, the inmate computing device (116) may be used to sendand/or receive text messages and/or initiate and/or receive calls (e.g.,voice and/or video). In at least one implementation of the claimedembodiments, the inmate computing device (116) also enables an inmate toaccess a secure social network. Specifically, the inmate computingdevice (116) may be used to upload media to, and/or view media from, asecure social network account of the inmate and/or another secure socialnetwork member. In at least one implementation of the claimedembodiments, the inmate computing device (116) is a mobile computingdevice (e.g., a smartphone, a laptop, a tablet, etc.). Further detailabout the inmate computing device (116) is provided in FIG. 2 and FIG.6.

In at least one implementation of the claimed embodiments, the elementswithin the controlled facility (100) are communicatively coupled to thecommunications network (108). In at least one implementation of theclaimed embodiments, the communications network (108) is a collection ofcomputing systems and other hardware interconnected by communicationchannels. The communications network (108) may include networks that areexclusively and/or primarily used for a single type of communication,such as a telephone network (e.g., Plain Old Telephone System (POTS)),and/or networks used for a wide array of communication types, such asthe Internet through Voice over IP (VOIP). Communication channels usedby the communications network (108) may include, for example, telephonelines, networking cables, wireless signals, radio waves, etc. Feescharged and payments received by the provider(s) of the communicationsnetwork (108) may involve multiple parties, including a service providerof the outside facility (102), the management of the controlled facility(100), and provider(s) of the communications network (108). In at leastone implementation of the claimed embodiments, fees may be split betweenmultiple parties based on the terms of underlying agreements and/orcontracts between the parties. Further, rebates, reimbursements, and/orrefunds may be afforded to and paid to the management of the controlledfacility (100) based on the terms of underlying agreements and/orcontracts between the parties. For example, the management of thecontrolled facility (100) may receive a rebate from the service providerof the services provided to inmates based on such factors as the volumeof use, the dollar amount, and/or the frequency of use.

In at least one implementation of the claimed embodiments, the outsidefacility (102) is a group of computing systems located outside of thecontrolled facility (100). Specifically, the outside facility (102) mayhouse system elements with functionality to facilitate communicationbetween inmates and outsiders, access communication data between inmatesand outsiders, and enforce one or more restrictions imposed on inmatesand inmate communications. In at least one implementation of the claimedembodiments, the outside facility (102) is connected directly to thecontrolled facility (100) bypassing a generally accessiblecommunications network (communications network (108)). One or more ofthe components within the outside facility (102) may alternatively belocated within the controlled facility (100) and/or within the thirdparty providers (104).

In at least one implementation of the claimed embodiments, theapplication server (118) is a computing system with functionality toauthenticate an inmate, outsider, administrator, reviewer, and/orinvestigator for access to system functionality (e.g., initiating voiceand/or video calls, sending text messages, etc.) and/or data stored onthe database server (120) (e.g., inmate identities, communicationsbetween inmates and outsiders, etc.). The application server mayauthenticate inmates, outsiders, administrators, reviewers, and/orinvestigators using passwords, biometric data, digital access codes,and/or physical access devices. Further detail about the applicationserver (118) is provided in FIG. 3.

In at least one implementation of the claimed embodiments, the databaseserver (120) is a computing system with functionality to storeidentities used to authenticate inmates, outsiders, administrators,reviewers, and/or investigators. Such identities may include verifieddata used to compare to verification data provided by the inmate,outsider, administrator, reviewer, and/or investigator to authenticatethe inmate, outsider, administrator, reviewer, and/or investigator.

In at least one implementation of the claimed embodiments, the databaseserver (120) also stores communication data about communications betweenan inmate and an outsider and/or visitor. Such communication data mayinclude, for example, a recording of a video call, the length of a voicecall, the frequency of video calls, sent and received text messages,etc. The database server (120) may also store media submitted to asecure social network before, during, and/or after the media has beenreviewed. Further detail about the database server (120) is provided inFIG. 3.

In at least one implementation of the claimed embodiments, the thirdparty providers (104) are computing systems that provide networkapplication and data storage services (i.e., cloud computing services).Third party providers (104) may include service providers used directlyby inmates and outsiders, such as photo sharing services, general socialnetworking sites, and digital music retailers. Third party providers(104) may include service providers employed by administrators and foruse by inmates and outsiders, such as audio and video streamingapplications, conferencing applications, and secure social network mediastorage. One or more of the components within the third party providers(104) may alternatively be located within the controlled facility (100)and/or the outside facility (102).

In at least one implementation of the claimed embodiments, the mediaserver (122) is a computing system or group of computing system withfunctionality to provide network application services to facilitatecommunication between an inmate and an outsider, and to facilitateaccess to a secure social network. Such services include, but are notlimited to, VoIP services, video conferencing services, and mediastreaming services.

In at least one implementation of the claimed embodiments, the webserver (124) is a computing system or group of computing system withfunctionality to provide an interface to access and interact withwebpages and other network application services. In at least oneimplementation of the claimed embodiments, the web server (124) is atype of media server (122).

In at least one implementation of the claimed embodiments, thedatacenter (126) is a computing system or group of computing system withfunctionality to provide an interface to access and interact with datastored on one or more data servers (not shown). In at least oneimplementation of the claimed embodiments, the datacenter (126) is atype of media server (122).

In at least one implementation of the claimed embodiments, the outsidercomputing device (106) is a computing device with functionality toexecute the outsider application (128). In at least one implementationof the claimed embodiments, the outsider computing device (106) is amobile computing device (e.g., a smartphone, a laptop, a tablet, etc.).Further detail about the outsider computing device (106) is provided inFIG. 6.

In at least one implementation of the claimed embodiments, the outsiderapplication (128) is a process or group of processes (in software,firmware, hardware, or combination thereof) with functionality to enablecommunication between an outsider and an inmate. Specifically, theoutsider application (128) may be used to send and/or receive textmessages and/or initiate and/or receive calls (e.g., voice and/orvideo). In at least one implementation of the claimed embodiments, theoutsider application (128) also enables an outsider to access a securesocial network. Specifically, the outsider application (128) may be usedto upload media to, and/or view media from, a secure social networkaccount of the outsider, an inmate, and other secure social networkmember.

FIG. 2 shows a controlled facility in accordance with at least oneimplementation of the claimed embodiments. As shown in FIG. 2, thecontrolled facility (200) may include a visitor kiosk (202), a bookingkiosk (204), an administrator computing device (206), an inmate kiosk(208), an inmate phone (210), an inmate computing device (212), and alocal server (214). The inmate computing device (212) and the localserver (214) are communicatively coupled to the communications network(216). The administrator computing device (206) includes anadministrator application (218). The inmate computing device (212)includes an inmate application (220).

In at least one implementation of the claimed embodiments, the visitorkiosk (202) is a computing system with functionality to facilitatecommunication between an inmate and a visitor. Specifically, the visitorkiosk (202) may be a combination of computing hardware and software usedby a visitor to make and receive voice and video calls to/from an inmateresiding in the same controlled facility (200) and/or another controlledfacility (not shown). The visitor kiosk (202) may also be used toschedule a voice and/or video call with an inmate for a future date.Further, the visitor kiosk (202) may also include the functionality toexchange media (e.g., photos, videos, and audio) with an inmate residingin the controlled facility (200). The visitor kiosk (202) may includefunctionality to generate such media, such as a camera, microphone,keyboard, and software to record and/or otherwise create media to sendto an inmate. Such media may be subject to review before beingdelivered.

In at least one implementation of the claimed embodiments, a visitorwanting to use a visitor kiosk (202) may be required to participate inan authentication process to verify the identity of the visitor. Theauthentication process may include creating an identity data item andverified data for storage and later comparison. The verified data usedfor authentication may be a username and password combination and/orbiometric information about the visitor.

In at least one implementation of the claimed embodiments, the visitorkiosk (202) includes functionality to access a secure social network.Specifically, the visitor kiosk (202) may be used by a visitor to createand manage a secure social network account. The visitor kiosk (202) mayalso be used by a visitor to upload digital media to the visitor'ssecure social network account and/or the account of another securesocial network member. The visitor kiosk (202) may further be used toview digital media uploaded to the visitor's social network accountand/or the account of another secure social network member.

In at least one implementation of the claimed embodiments, the visitorkiosk (202) includes functionality to manage a commissary account forone or more inmates. Specifically, a visitor may use a visitor kiosk(202) to add money to the commissary account of an inmate in thecontrolled facility (200), view a transaction history of the commissaryaccount, transfer funds between commissary accounts, and/or remove fundsfrom a commissary account. Further detail about the visitor kiosk (202)is provided in FIG. 5A and FIG. 5B.

In at least one implementation of the claimed embodiments, the bookingkiosk (204) is a computing system with functionality to aidadministrators in admitting an inmate into a controlled facility (e.g.,controlled facility (200)). Specifically, the booking kiosk (204) mayinclude functionality to create and/or update an inmate identity dataitem. Specifically, the booking kiosk (204) may be used to obtainverified data (e.g., passwords, biometric data, etc.) and save theverification data in one or more identity data items for the inmate. Theverified data may then be used to authenticate the inmate (e.g., toaccess the communications network (216), etc.). In at least oneimplementation of the claimed embodiments, the booking kiosk may also beused to associate one or more restrictions with the inmate via theinmate's identity data item.

In at least one implementation of the claimed embodiments, the bookingkiosk (204) includes functionality to input contact information forvisitors, outsiders, administrators, and/or other inmates with whom theinmate wants to communicate. Such contact information may then beassociated with the inmate's identity data item, and may be used toinitiate a voice and/or video call, or otherwise transmit media tovisitors, outsiders, and/or other inmates. Further, in at least oneimplementation of the claimed embodiments, the contact information maybe retrieved from an inmate's mobile computing device (e.g., cell phone,smart phone, etc.) and/or a local or remote data storage device (e.g., aflash drive, a webmail account, etc.). The contact information may beretrieved using a wired and/or wireless connection between the bookingkiosk and the inmate's mobile computing device and/or the data storagedevice. The contact information may be subject to review before theinmate is permitted to contact the visitor, outsider, administrator,and/or other inmate.

In at least one implementation of the claimed embodiments, the bookingkiosk (204) includes functionality to prepare a mobile computing devicefor use by the inmate within the controlled facility (200).Specifically, a controlled facility (200) may allow inmates the use ofcomputing devices while in and/or subject to the controlled facility(200). However, use of such inmate computing devices may require thatthe computing device is provisioned with software restricting the use ofthe inmate computing device. The booking kiosk (204) may be used toprovision the inmate computing device as required. Further detail aboutthe booking kiosk (204) is provided in FIG. 5A and FIG. 5B.

In at least one implementation of the claimed embodiments, theadministrator computing device (206) is a computing system or group ofcomputing systems with functionality to execute the administratorapplication (218). In at least one implementation of the claimedembodiments, the administrator application (218) is a process or groupof process with functionality to provide access to communicationsbetween inmates at the controlled facility (200) and visitors,outsiders, administrator, and other inmates. The administratorapplication (218) may also be used to monitor current voice and/or videocalls between an inmate and a visitor, outsider, administrator, and/orother inmate.

In at least one implementation of the claimed embodiments, theadministrator application (218) is used to manage an identity data itemassociated with an inmate. Such management may include altering therestrictions (device use restrictions, inmate use restrictions, andinmate target restrictions) applicable to the inmate. In at least oneimplementation of the claimed embodiments, the administrator application(218) is used to access the secure social network account of an inmate,visitor, and/or outsider. In at least one implementation of the claimedembodiments, the administrator application (218) may provide heightenedaccess (i.e., a level of access greater than that of the inmate,visitor, and/or outsider) to data stored in the secure social networkingaccount.

In at least one implementation of the claimed embodiments, the inmatekiosk (208) is a computing system with functionality to facilitatecommunication between an inmate and a visitor and/or outsider.Specifically, the inmate kiosk (208) may be a combination of computinghardware and software used by an inmate to make and receive voice andvideo calls to/from a visitor, outsider, and/or another inmate residingin another controlled facility (not shown). The inmate kiosk (208) mayalso be used to schedule a voice and/or video call with a visitor at afuture date. Initiating and/or scheduling a voice and/or video call mayinclude determining whether the currently attempted call, and/or thescheduled call, is adverse to one or more restrictions (e.g., inmate userestrictions, device use restrictions, and/or inmate targetrestrictions). Further, the inmate kiosk (208) may also include thefunctionality to exchange media (e.g., photos, videos, and audio) with avisitor and/or outsider. The inmate kiosk (208) may includefunctionality to generate such media, such as a camera, microphone,keyboard, and software to record and/or otherwise create media to sendto a visitor and/or outsider. Such media may be subject to review beforebeing delivered.

In at least one implementation of the claimed embodiments, an inmatewanting to use an inmate kiosk (208) may be required to participate inan authentication process to verify the identity of the inmate. Theauthentication process may include providing verification data forcomparison to verified data previously obtained from the inmate andstored in the inmate identity data item. The verified data may be ausername and password combination and/or biometric information about theinmate.

In at least one implementation of the claimed embodiments, the inmatekiosk (208) includes functionality to access a secure social network.Specifically, the inmate kiosk (208) may be used by an inmate to managea secure social network account. The inmate kiosk (208) may includefunctionality to generate such media, such as a camera, microphone,keyboard, and software to record and/or otherwise create media to sendto a visitor and/or outsider. The inmate kiosk (208) may also be used byan inmate to upload digital media to the inmate's secure social networkaccount and/or the account of another secure social network member. Theinmate kiosk (208) may further be used to view digital media uploaded tothe inmate's social network account and/or the account of another securesocial network member. Uploaded media may be subject to review beforeposting.

In at least one implementation of the claimed embodiments, the inmatekiosk (208) includes functionality to manage a commissary account forthe inmate. Specifically, an inmate may use an inmate kiosk (208) toview a transaction history of the commissary account and/or to applycommissary funds for goods and services consumed and/or enjoyed by theinmate. Further detail about the inmate kiosk (208) is provided in FIG.5A and FIG. 5B.

In at least one implementation of the claimed embodiments, the inmatephone (210) is a device with functionality to send and receive audiocommunications between an inmate and an outsider and/or visitor. Theinmate phone (210) may be implemented as handset connected to atelephone line. In at least one implementation of the claimedembodiments, all or part of the voice call may be conducted over a VoIPconnection. In at least one implementation of the claimed embodiments, asingle inmate phone (210) is utilized by multiple inmates.

In at least one implementation of the claimed embodiments, initiatingand/or receiving a voice call using the inmate phone (210) requires aform of authentication (e.g., providing a password, personalidentification number, and/or voice verification). In at least oneimplementation of the claimed embodiments, voice calls made using theinmate phone (210) are monitored by one or more administrators using theadministrator computing device (206), and are recorded and stored in adata storage system within the controlled facility (200), within theoutside facility (not shown), and/or within a third party provider (notshown). The inmate phone (210) may also be subject to device userestrictions limiting the ability to use the inmate phone (210) atcertain times (e.g., between 9 PM and 8 AM) and/or under certainconditions (e.g., emergency lockdown).

In at least one implementation of the claimed embodiments, the identityof the visitor and/or outsider targeted by the inmate and/or attemptingto contact the inmate using the inmate phone (210) is verified againstinmate target restrictions imposed on the inmate. Such restrictions maybe associated with the inmate's identity data item and may be storedlocally within the controlled facility (200), within the outsidefacility (not shown), and/or within a third party provider (not shown).The visitor and/or outsider identity may be verified by the local server(214) or by another server within the outside facility (not shown), orwithin a third party provider (not shown).

In at least one implementation of the claimed embodiments, the inmatecomputing device (212) is a computing system configured to execute theinmate application (202). In at least one implementation of the claimedembodiments, each inmate computing device (212) is utilized exclusivelyby a single inmate. In at least one implementation of the claimedembodiments, access to the inmate application requires a form of initialauthentication. This initial authentication may use verification datastored locally on the inmate computing device (212) (e.g., a code and/orcombination used to unlock the phone, locally stored biometric data,etc.).

In at least one implementation of the claimed embodiments, accessing acommunications network (e.g., communications network (216)) using theinmate application (220) may require further network-basedauthentication. This further authentication may use verification datastored external to the inmate computing device (212) but locally withinthe controlled facility (200), and/or remotely within the outsidefacility (not shown) and/or within a third party provider (not shown).

In at least one implementation of the claimed embodiments, anauthenticated inmate may use the inmate application to initiate and/orreceive calls (e.g., voice and/or video), initiate and/or receivemessages (e.g., text and/or media), schedule a voice and/or video call,manage a commissary account, and/or post media to a secure socialnetwork. In at least one implementation of the claimed embodiments,voice and video calls made using the inmate computing device (212) aremonitored by one or more administrators using the administratorcomputing device (206), and are recorded and stored in a data storagesystem within the controlled facility (200), within the outside facility(not shown), and/or within a third party provider (not shown).

In at least one implementation of the claimed embodiments, the identityof the visitor and/or outsider targeted by the inmate and/or attemptingto contact the inmate using the inmate computing device (212) isverified against inmate target restrictions imposed on the inmate. Suchrestrictions may be associated with the inmate's identity data item andmay be stored locally within the controlled facility (200), within theoutside facility (not shown), and/or within a third party provider (notshown). The visitor and/or outsider identity may be verified by thelocal server (214) and/or by another server within the outside facility(not shown), and/or within a third party provider (not shown).

In at least one implementation of the claimed embodiments, the inmatecomputing system (212) and/or the inmate application (220) may limitaccess to the communications network (216) based on one or morerestrictions (inmate use restrictions, inmate target restrictions, anddevice use restrictions). Further, the inmate computing system (212)and/or the inmate application (220) may gather data from input devicesof the inmate computing system (212) to determine whether one or morerestrictions apply. Such input devices may include, for example, asystem clock, a global positioning system antenna, a wide area networkantenna, etc.

In at least one implementation of the claimed embodiments, the localserver (214) is a computer system or group of computers systems locatedwithin the controlled facility (200) that facility communication betweeninmates and visitors, outsiders, and/or other inmates. Specifically, thelocal server (214) may implement the software necessary to host voiceand video calls between and among the visitor kiosk (202), the inmatekiosk (208), the inmate phone (210), and an outsider computing system(not shown). The local server (214) may also include functionality toenforce communication restrictions associated with the inmates using theinmate kiosk (208) and/or inmate phone (210). Alternatively, the localserver (214) may merely provide access to other systems capable ofhosting the communication software and data storage (e.g., locatedwithin an offsite facility and/or a third party provider). Further, inat least one implementation of the claimed embodiments, the local server(214) includes functionality to regulate inmate access to a securesocial network.

FIG. 3 shows an outside facility in accordance with at least oneimplementation of the claimed embodiments. As shown in FIG. 3, theoutside facility (300) may include an application server (302), adatabase server (304), a reviewer computing system (306), and aninvestigator computing system (308). The application server (302) iscommunicatively coupled to the communications network (310). Thereviewer computing device (306) may include a reviewer application(312), and the investigator computing device (308) may include aninvestigator application (314).

In at least one implementation of the claimed embodiments, theapplication server (302) is a computing system or group of computingsystems configured to authenticate inmates, visitors, outsiders,administrators, reviewers, and/or investigators. Specifically, theapplication server (302) includes functionality to receive a request toauthenticate an inmate, visitor, outsider, administrator, reviewer,and/or an investigator, retrieve verified data associated with therequest, and compare the verified data to verification data submitted inthe authentication request. In at least one implementation of theclaimed embodiments, the application server provides access to identitydata items and other data stored in the database server (304).

In at least one implementation of the claimed embodiments, the databaseserver (304) is a computing system or group of computing systemsconfigured to store data about inmates, visitors, outsiders,administrators, reviewers, and/or investigators as well as communicationdata describing communications between and among inmates, visitors,outsiders, administrators, reviewers, and/or investigators. Data storedin the database server may include, but is not limited to, identity dataitems, verified data, approved communication media, communication mediapending review

In at least one implementation of the claimed embodiments, the reviewercomputing device (306) is a computing system configured to execute thereviewer application (312). In at least one implementation of theclaimed embodiments, a reviewer is a person charged with viewing a mediaitem submitted by an inmate, visitor, outsider and/or administrator, anddetermining one or more attributes of the media item. Based on thedetermined attributes of the media item, the reviewer may then approvethe media item for transmission to its target inmate, visitor, and/oroutsider. Alternatively, the reviewer may reject the media item,conditionally approve the media item, and/or redact parts of the mediaitem, thus preventing complete transmission to its target inmate,visitor, and/or outsider. In at least one implementation of the claimedembodiments, the reviewer application (312) include functionality toview media items, associate one or more attributes to the media item,and/or mark the media items as approved and/or rejected.

In at least one implementation of the claimed embodiments, theinvestigator computing device (308) is a computing system configured toexecute the investigator application (314). In at least oneimplementation of the claimed embodiments, an investigator is a persongathering information about an inmate, visitor, and/or outsidergenerally for the purposes of law enforcement. The investigatorapplication (314) includes functionality to provide access to datastored on the database server (304) for investigative purposes.

FIG. 4 shows a computing system in accordance with at least oneimplementation of the claimed embodiments. One or more of the computingdevices, kiosks, and computing components disclosed in the presentapplication may be implemented by or as part of the computing systemshown in FIG. 4. As shown in FIG. 4, the computing system (400) mayinclude one or more computer processor(s) (402), associated memory (404)(e.g., random access memory (RAM), cache memory, flash memory, etc.),one or more storage device(s) (406) (e.g., a hard disk, an optical drivesuch as a compact disk (CD) drive or digital versatile disk (DVD) drive,a flash memory stick, etc.), and numerous other elements andfunctionalities. The computer processor(s) (402) may be an integratedcircuit for processing instructions. For example, the computerprocessor(s) may be one or more cores, or micro-cores of a processor.The computing system (400) may also include one or more input device(s)(410), such as a touchscreen, keyboard, mouse, microphone, touchpad,electronic pen, camera, or any other type of input device. Further, thecomputing system (400) may include one or more output device(s) (408),such as a screen (e.g., a liquid crystal display (LCD), a plasmadisplay, touchscreen, cathode ray tube (CRT) monitor, projector, orother display device), a printer, external storage, or any other outputdevice. One or more of the output device(s) may be the same or differentfrom the input device(s). The computing system (400) may be connected toa network (414) (e.g., a local area network (LAN), a wide area network(WAN) such as the Internet, mobile network, or any other type ofnetwork) via a network interface connection (not shown). The input andoutput device(s) may be locally or remotely (e.g., via the network(412)) connected to the computer processor(s) (402), memory (404), andstorage device(s) (406). Many different types of computing systemsexist, and the aforementioned input and output device(s) may take otherforms.

Software instructions in the form of computer readable program code toperform embodiments of the invention may be stored, in whole or in part,temporarily or permanently, on a non-transitory computer readable mediumsuch as a CD, DVD, storage device, a diskette, a tape, flash memory,physical memory, or any other computer readable storage medium.Specifically, the software instructions may correspond to computerreadable program code that when executed by a processor(s), isconfigured to perform embodiments of the invention.

Further, one or more elements of the aforementioned computing system(400) may be located at a remote location and connected to the otherelements over a network (414). Further, embodiments of the invention maybe implemented on a distributed system having a plurality of nodes,where each portion of the invention may be located on a different nodewithin the distributed system. In at least one implementation of theclaimed embodiments, the node corresponds to a distinct computingdevice. Alternatively, the node may correspond to a computer processorwith associated physical memory. The node may alternatively correspondto a computer processor or micro-core of a computer processor withshared memory and/or resources.

FIG. 5A shows a video visitation kiosk in accordance with at least oneimplementation of the claimed embodiments. Specifically, the videovisitation kiosk (500) is a type of computing device as described inFIG. 4. As shown in FIG. 5A, the video visitation kiosk (500) includes acamera (502), a display (504), a handset (506), a headset jack (508),and a universal serial bus (USB) port (510).

FIG. 5B shows the hardware and software elements of a video visitationkiosk in accordance with at least one implementation of the claimedembodiments. The hardware and software elements shown in FIG. 5B may bein addition to the elements described in FIG. 4. As shown in FIG. 5B,the video visitation kiosk (500) includes a handset (506), a videocamera (502), a touch screen panel (512), a display (504), a computingapplication (514), an operating system (516), and a network interfacecontroller (518).

FIG. 6 shows the hardware and software elements of a mobile computingdevice in accordance with at least one implementation of the claimedembodiments. Specifically, the mobile computing device (600) is a typeof computing device as described in FIG. 4. The hardware and softwareelements shown in FIG. 6 may be in addition to the elements described inFIG. 4.

As shown in FIG. 6, the mobile computing device (600) may include aglobal positioning system (GPS) antenna (602), a cell antenna (604), awide area network (WAN) antenna (606), and a personal area network (PAN)antenna (608), each connected to a multi-band radio transceiver (610).The mobile computing device (600) also may include a rear-facing videocamera (612), a front-facing video camera (614), a compass (616), anaccelerometer (618), a touch screen (620), a display (622), and amicrophone (624). The mobile computing device (600) also may include acomputing application (626) executing on an operating system (628).

This disclosure also relates to methods and systems used in a detentionenvironment for verifying an individual's identity utilizing acentralized database operable across disparate types of interactions.Current methods and systems for identity verification in detentionenvironments are non-uniform for disparate types of interactions and themethods and systems are not easily compatible with one another.Therefore, it is difficult to track interactions of an individual and anindividual subject to the detention environment. The disclosed methodand system verify all individuals contacting, interacting with orotherwise connecting to an individual subject to the detentionenvironment in one or more embodiments of the invention. In contrast,those individuals subject to the detention environment, such as inmates,patients, and/or detainees, may be verified using existing methods andsystems since it is possible to obtain a wide range of information fromthe individual when they are in the detention environment. For example,when a prisoner is processed through a jail, it is common for the jailto obtain the prisoner's identity information such e.g., asfingerprints, DNA samples, and voice samples.

FIG. 7 is a diagram illustrating one embodiment of a method (800)according to aspects of the present disclosure. The method (800) isdesigned for use within a detention environment or as part of a methodmonitoring a detention environment. This method (800) applies to anyonewho attempts to interact with an individual subject to a detentionenvironment, for example, by visiting and/or making a transaction onbehalf of the individual subject to the detention environment. As usedherein, the term “individual” is used to refer to a person attempting tointeract with, or on behalf of, a person subject to the detentionenvironment who will be referred to herein as the “individual subject tothe detention environment.” The method (800) receives the individual'sidentity information at step (801) by way of a programmable deviceand/or system, such as e.g., a computer, a call screening system, adetention environment guard, and/or an interactive audio/video systemand device for use in a detention environment disclosed in U.S. patentapplication Ser. No. 13/088,883, published as U.S. Patent ApplicationPublication No. US 2012-0262271 A1 and incorporated by reference herein.It should be appreciated that where a definition or use of a term in anincorporated application or reference is inconsistent with or contraryto the definition of that term provided herein, the definition of thatterm provided herein applies. The individual could be prompted to inputidentity information, such as, the zip code of their residence, mother'smaiden name, a number of digits of the applicant's social securitynumber, or other questions that lead to a unique individual. Identityinformation may also be contained in an identification card, which isprocessed by the programmed device or system, and may assist with theverification process. As just one example, an individual may scan theirdriver's license, and the programmed device or system may read thelicense, and fill out form fields such as name, address, and genderbased on information on the license. This process may be implemented byuse of a magnetic strip, a two-dimensional or three-dimensional barcode, and/or optical character recognition. Identity information mayalso be biometric information, such as, facial recognition, bodyrecognition, voice recognition, retinal scan, fingerprint, DNA sample,and/or palm print. Identity information may also come from aninteraction with the individual's phone, such as, swiping a phonethrough a scanner, keying in a unique phrase or number that was sent toa phone, or answering a call made to the individual's phone.

The method (800) is also designed to verify an individual's identity bymatching the individual's identity information with information in adatabase (at step 802). The database is populated with identityinformation from a data source or a plurality of data sources. In somecases the identity information from the data source existed prior to theindividual's interaction with the individual subject to the detentionenvironment. These data sources may include: line information databasesto find phone number and address associations; best known name andaddress databases to associate names with addresses; identificationverification databases to match a provided name with digits of a socialsecurity number or other unique participant-assigned number; nationalfinancial information databases for existing financial records; nationalpassport database; other government issued identification database suchas a drivers' license database, a military identification database, orstate issued identification card database; open warrants database; anational victim notification network such as VINE or VINELink; or a “donot contact” database. The database may also be populated by the datasources upon command, at intervals, or dynamically.

The method (800) is also desirably compatible with a data source such asthe consolidated voicemail platform disclosed in U.S. patent applicationSer. No. 12/826,168, published as U.S. Patent Application PublicationNo. US 2011-0317685 A1 and incorporated by reference herein, and aninformation exchange facilitating system such as e.g., the secure socialnetwork disclosed in U.S. patent application Ser. No. 13/438,940,published as U.S. Patent Application Publication No. US 2013-0268589 A1and is also incorporated by reference herein.

In some circumstances, an investigator will review attemptedinteractions with individuals subject to the detention environment. Asjust one example, an individual will attempt to interact by depositingmoney in the commissary account of an individual subject to thedetention environment. The method (800) will check the database, and askthe individual enough questions until the method (800) is able topositively match the individual's identity information with informationin the database. A consequence of this method (800) is that individualswill be verified upon each attempted interaction. For example, there maybe several variations of J. Jones, J. D. Jones, Jonathan Jones, and JohnJones appearing in a criminal investigation that involves attemptedinteractions with an individual subject to a detention environment. Theidentification of a J. Jones in a metropolitan area may require anextraordinary effort. Since the disclosed method (800) requiresverification of an individual before he/she is allowed to interact withan individual subject to the detention environment, the disclosed method(800) may pinpoint the identity to a distinct individual named JonathanD. Jones.

In an additional embodiment, the step of receiving identity informationmay also include receiving additional information from the individualafter the individual is verified, such as e.g., a photograph or digitalimage of the individual, a scan of the individual's identification card,and additional information from additional questions. After theindividual is verified, the individual may also establish a username andpassword, or a unique personal identification phrase, number, or seriesof characters. This establishment of a username and password wouldfacilitate an additional identification process during future attemptedinteractions.

In another embodiment, the disclosed method supplements a verifiedidentity with additional information from the database such as e.g., adate of birth, an address, and/or a photograph. In yet anotherembodiment, information, such as a phone number, associated with theindividual is found to be associated with previous phone calls made bythe individual subject to the detention environment. In this case, thedisclosed method may associate those previous phone calls with theverified identity information, allowing the method to retroactively linka person in a detention environment to a specific verified personthrough a phone number. Similar associations could be made throughcredit card data, address data, and more.

In another embodiment, when an individual had been previously verified,the method (800) may receive a previously verified individual's usernameand password as the identity information during the verification process(i.e., step 801). The method (800) may also receive a previouslyverified individual's physical attributes as the identity informationduring the verification process. The physical attributes may include avoiceprint comparison, facial and/or body recognition, DNA sample,retinal scan, and/or other form of biometric attribute. The method (800)may also receive a previously verified individual's identificationcredential as the identity information during the verification process;this may include a passport, driver's license, military identification,or similar. The method (800) may also receive during the verificationprocess a previously verified individual's mobile phone interaction asthe identity information, which may involve responding to a phone calland/or text message, and/or requiring the previously verified individualto call and/or text message to a specific phone number. In the absenceof all other means of identification, and/or as a means to expedite theprocess, the method (800) may receive a detention environment staffmember's authorization to authenticate a verified individual by sight,and/or through spoken and/or direct questions.

After step (802) is complete, the method (800) will either verify and/ornot verify an individual's identity. The method (800) will either permitthe individual to continue if the individual is verified at step 803,and/or deny the individual access if the individual is not verified atstep 804. If the individual is not permitted to continue, then themethod may proceed to the additional steps shown in FIG. 8. If theindividual is permitted to continue, then the method may proceed to theadditional steps shown in FIG. 9.

FIG. 8 illustrates an additional method designed for use when method(800) receives an individual's identity information, but fails to verifythe individual. In that circumstance, method (900) will requestadditional identity information from the individual until a match isfound and/or there are no more requests left to issue (step 901). Themethod (900) may request as many types of identity information from anindividual as there are in the database. If verification is successful,the method (900) permits the individual to interact with the detentionenvironment at step 903. If the verification is still unsuccessful, thenthe method (900) denies the individual interaction with the individualsubject to the detention environment (step 804).

FIG. 9 illustrates an additional method (1100) designed to check anindividual's permission level to determine whether a requestedinteraction is allowed. Once verification is successful, the method(1100) permits the individual to request a particular interaction toconduct at step 1101 (e.g., placing a telephone call). The method (1100)then checks the verified individual's permission level to see if therequested activity is permitted (step 1102). If the interactionrequested is permitted, the method (1100) permits the interaction andrecords the interaction at step 1103. If the activity requested is notpermitted, then the interaction is rejected and the attempt is recordedat step 1104.

FIG. 10 is a diagram illustrating one embodiment of a system (1200)according to aspects of the present disclosure. The system (1200)includes a server (1203) comprising a database (1204), a verificationsystem (1205), and an input system (1206). The server (1203) isprogrammed to perform one, all, or a combination of the methods (800),(900), (1100) disclosed herein. The database (1204) is populated withidentity information from various data sources (1201), such as, a publicdatabase (1201(1)) and/or a private database (1201(2)). Public databases(1201(1)) may include a line information database, best known name andaddress database, social security database, national financialinformation database, national passport database, government issuedidentification database, warrants database, national victim networkdatabase, and/or “do not contact” database. Private databases (1201(2))may include databases aggregated by the detention environment itself. Insome cases the identity information from the data source (1201) existedprior to the individual's interaction with the individual subject to thedetention environment. The database (1204) may also be populated by thedata sources upon command, at intervals, and/or dynamically.

The system (1200) is preferably compatible with data sources (1201),such as e.g., the interactive audio/video system and device for use in adetention environment disclosed in U.S. patent application Ser. No.13/088,883, published as U.S. Patent Application Publication No. US2012-0262271 A1, the consolidated voicemail platform disclosed in U.S.patent application Ser. No. 12/826,168, published as U.S. PatentApplication Publication No. US 2011-0317685 A1, an information exchangefacilitating system such as e.g., the secure social network disclosed inU.S. patent application Ser. No. 13/438,940, published as U.S. PatentApplication Publication No. US 2013-0268589 A1.

When an individual inputs information through one of the disparatesystems (1202) for managing detention environment interactions, such asa jail management system (1202(1)) and/or call screening system(1202(2)), the server (1203) receives that information through its inputsystem (1206). The verification system (1205) takes the informationobtained through the input system (1206) and verifies the identifyinginformation by matching it with the information stored in the database(1204).

In accordance with the practices of persons skilled in the art ofcomputer programming, embodiments of the method (800), (900), (1100) aredescribed with reference to operations that are performed by a computersystem or a like electronic system. Such operations are sometimesreferred to as being computer-executed. It will be appreciated thatoperations that are symbolically represented include the manipulation bya processor, such as a central processing unit, of electrical signalsrepresenting data bits and the maintenance of data bits at memorylocations, such as in system memory, as well as other processing ofsignals. The memory locations where data bits are maintained arephysical locations that have particular electrical, magnetic, optical,and/or organic properties corresponding to the data bits. Embodimentsmay also encompass integrated circuitry including circuit elementscapable of performing specific system operations.

When implemented in a programmed device and/or system, the elements ofthe embodiments are essentially the code segments to perform thenecessary tasks. The non-transitory code segments may be stored in aprocessor readable medium or computer readable medium, which may includeany medium that may store or transfer information. Examples of suchmedia include an electronic circuit, a semiconductor memory device, aread-only memory (ROM), a flash memory and/or other non-volatile memory,a floppy diskette, a CD-ROM, an optical disk, a hard disk, a fiber opticmedium, etc. User input may include any combination of a keyboard,mouse, touch screen, voice command input, etc. User input may similarlybe used to direct a browser application executing on a user's computingdevice to one or more network resources, such as web pages, from whichcomputing resources may be accessed.

Now that some related environmental situations and systems have beendescribed, the claimed embodiments and example methods for implementinga time-based multi-variant alarm system will now be further described.

One or more embodiments include triggering and display or notificationof alarms in a detention environment based on multiple communication ordeposit events.

Embodiments may include a multivariable alarm feature, which allowsfacility staff and administrators with to create, or edit, and savealarms. An alarm, in one or more embodiments of the may includeconfiguring filtering rules to determine what constitutes an alarm,determining who is notified and determining how the alarm notifies eachstaff member, which may include different notification methods(automated call, text, voicemail) at different times of day and days ofthe week.

Various embodiments may also include:

-   -   Alarm Configuration: The person configuring the alarm may create        a new alarm by selecting some of the following types of example        options, perhaps selected more than once.    -   Who is Being Watched    -   Types of People: a search may focus on friends & family members        of a detainee(s), detainee(s) or perhaps both.    -   What Facilities: The person configuring the alarm may select        from the facilities that are available to him.    -   Specific Person or Group of: In case the searching person knows        part of a name, or an entire name, of the person or people they        are searching for.    -   SSN: Social security number or part of the social security        number, if known.    -   Date of Birth: A range or a specific day.    -   Gender: Male, female, other or combinations.    -   Last booked date: a date, date range or none specified.    -   Time Rules    -   Time of day constraints, such as limiting an alarm to events        that fall between 9 p.m. and 6 a.m.    -   Deposit Rules    -   Day of week constraints, such as limiting an alarm to specific        days of the week.    -   Number of depositors, which allows an alarm to be triggered if a        specified number of depositors is reached for a person or group.    -   Number of deposits, which allows an alarm to be triggered if a        specified number of deposits are made to and/or by a person or        group.    -   Number of cash deposits, which allows an alarm to be triggered        if a specified number of cash deposits, are made to and/or by a        person or group. Cash deposits are sometimes more likely to be        associated with criminal activity.    -   Number of credit card deposits, which allows an alarm to be        triggered if a specified number of credit card deposits, are        made to and/or by a person or group. Credit card deposits are        perhaps more likely to be associated with criminal activity when        associated with a detainee who has been charged and/or convicted        of identity theft and/or fraud.    -   Dollars deposited, which allows an alarm to be triggered when a        threshold of funds (including credit card, cash, MoneyGram and        more) have been deposited into a specified individuals account.    -   Cash deposited, which allows an alarm to be triggered when a        threshold of cash has been deposited into a specified        individuals account. Cash deposits are more likely to be        associated with criminal activity.    -   Cash deposited by a single source, which allows an alarm to be        triggered when a threshold of cash has been deposited into a        specified individual's account by a single person. Large cash        deposits from a single person are more likely to be associated        with criminal activity.    -   Credit card funds deposited, which allows an alarm to be        triggered when a threshold of funds from a credit card have been        deposited into a specified individual account. Credit card        deposits are perhaps more likely to be associated with criminal        activity when associated with a detainee who has been charged        and/or convicted of identity theft and/or fraud.    -   Number of completed calls, which triggers an alarm when a        threshold of completed phone calls have been met.    -   Number of attempted calls, which allows an alarm to be tied to a        set threshold of calls attempted but not completed.    -   Number of call minutes, which allows an alarm to be tied to the        total number of minutes that a detainee and/or friend and family        member spends on connected phone calls.    -   Number of voicemails, which allows for an alarm to be tied to        the total number of voicemail that an individual receives.    -   Number of messages sent, which allows for an alarm to be tied to        the total number of messages sent by the person or group        specified.    -   Number of messages received, which allows for an alarm to be        tied to the total number of messages received by the person or        group specified.    -   Number of photos shared, which allows for an alarm to be tied to        the total number of photos shared by the person or group        specified.    -   Number of photos available, which allows for an alarm to be tied        to the total number of photos available to be seen by the person        or group specified.    -   Number of contacts, which allows for an alarm to be tied to the        total number of people that an individual or group of        individuals has in their contact list.    -   Number of minutes spent Web browsing, which allows for an alarm        to be tied to the total minutes that a person or group spends        browsing available Internet sites via an inmate visitation        station.    -   Number of grievances/requests filed, which allows for an alarm        to be tied to the total number of inmate requests filed by an        inmate or group of inmates. An inmate request is typically a        digital form that is filled out and submitted to a facility        staff member, such as a complaint about food, and/or a crime        tip.    -   Number of games played, which allows for an alarm to be tied to        the total number of educational games played by the person or        group specified. In some implementations, games are available to        detainees via a video vitiation environment, tablet or other        device suitable for video visitation.    -   Number of video visits, which allows for an alarm to be tied to        the total number of video visits engaged in by the person or        group specified.    -   Number of video visit minutes, which allows for an alarm to be        tied to the total number of minutes of video visiting engaged in        by the person or group specified.    -   Who gets notified when an alarm event occurs? One or more        embodiments of the invention allow the alarm to be sent to any        number of people with access to the information in the alarm.    -   Define time periods for alarm notification windows that have        different methods of desired notifications, such as 9-5 on        weekdays for one type of notification and all other times for a        secondary form of alarm notification.    -   Define notification methods for each specified time period. For        each time period that has been specified, an alarm notification        may be, but not limited to:    -   Text message delivered via short messaging service (SMS) or        multimedia messaging service (MMS) notification to a mobile        device, for example.    -   Email an alarm notification email sent to one or more        notification recipients.    -   Onscreen alert such as a color, highlighted text, and/or moving        an event to the top of a list.    -   Automated call, which involves a phone call with a        computer-generated voice announcing alarm details to a        designated alarm recipient.    -   Computer desktop alert, such as Growl, Snarl and/or other        on-screen display notification mechanisms.    -   A system event, appropriate for notifying third party software        systems of an alarm event.

Table I further summarizes example categories, options and attributesfor setting up alarms:

TABLE I Category Options Attribute Properties Person type detainee Onlyone option may friends & family be selected detainee and friends &family Facilities facility A Any combination may facility B be selectedfacility C Name first name Full or partial names last name may bespecified Social Security up to 9 digits full or partial SSN Number(“SSN”) Date of birth specific date Only one option may data range beutilized Gender male Either or both may be female selected Last bookingdate specific date Only one option may data range be utilized

Now referring to FIG. 11, an example method for using and setting up atime-based multivariable alarm will be described. The various operationsof FIGS. 11-14 may be carried out, for example, by a processor ofadministrator computing device (206) of FIG. 2, responsive to userinput.

Method (1300) is a very high-level description of an alarmimplementation and how it may be ran. At an operation, a new alarm issetup (1302) and the related system checks/monitors for alert triggerparameters (1304). If trigger parameters are met (1306), specified alarmnotification recipients are notified (1308).

Method (1400), of FIGS. 12-14, illustrates setup of a new alarm.Typically, an end user logs into a system (1402) and elects to do a newalarm (1404). A person and/or detainee for monitoring is selected(1406), one or more rules are added (1408, 1410) and notificationparameters are selected at operation (1412).

Add rule operation (1408) is further detailed via FIG. 13 such that aparameter is selected for monitoring (1408 a), alert threshold isselected (1408 b) and time monitor periods are added as desired (1408c).

Select notification parameters operation (1412) is further detailed inFIG. 14 and includes selecting notification recipients (1412 a) andnotification mechanism (and related notification period), via operation(1412 b). If there are times during the day that were not specified tonotify a person (1412 c), the gaps may be filled in (1412 e). Operation(1412) further includes operation for adding additional notificationrecipients as desired (1412 d).

While a number of exemplary aspects and embodiments have been discussedabove, those of skill in the art will recognize certain modifications,permutations, additions and sub-combinations thereof. It is thereforeintended that the following appended claims, and claims hereafterintroduced, are interpreted to include all such modifications,permutations, additions and sub-combinations as are within their truespirit and scope.

What is claimed is:
 1. A computer implemented method for generating atime-based multivariable secure facility alarm comprising: selecting afirst person for alert monitoring; selecting alert monitor criteriapertaining to the first person; selecting a plurality of alarmnotification rules; detecting an occurrence of a non-financialtransaction event with the first person that satisfies the alert monitorcriteria; obtaining a second person identifier for a second person thatis party to the non-financial transaction event; detecting an occurrenceof a second event between the first person and the second person, thesecond event being performed using a disparate system than thenon-financial transaction event, the occurrence of the second eventsatisfying the alert monitor criteria based on being between the firstperson and the second person; and generating an alarm notification,based upon the plurality of alarm notification rules, according to theoccurrence of the non-financial transaction event and the occurrence ofthe second event being detected, wherein the alert monitor criteriaincludes at least two events and a time period such that the alertmonitor criteria is satisfied when the at least two events occur withinthe time period, the at least two events comprising the non-financialtransaction event and the second event, and wherein at least one eventof the at least two events is a non-telephonic event.
 2. Thecomputer-implemented method as recited in claim 1, wherein an at leastone other event of the at least two events is a video visit.
 3. Thecomputer-implemented method as recited in claim 2, wherein the at leasttwo events comprises at least three events, and wherein a third event ofthe at least two events is a telephonic event.
 4. Thecomputer-implemented method as recited in claim 1, wherein at least oneevent of the at least two events is a video visit.
 5. Thecomputer-implemented method as recited in claim 1, wherein the at leasttwo events are non-telephonic events.
 6. The computer-implemented methodas recited in claim 1, wherein the alarm notification rules compriseswhom to notify and a notification method, wherein the notificationmethod is based on when the occurrence of the second event is detectedduring pre-defined periods of a week.
 7. The computer-implemented methodas recited in claim 1, wherein the alarm notification is based on whenthe occurrence of the second event is detected during a plurality ofpre-defined calendar dates.
 8. The computer-implemented method asrecited in claim 6, wherein at least two differing notification methodsare utilized, and wherein each of the at least two differentnotification methods corresponding to non-overlapping pre-definedperiods of the week.
 9. A non-transitory computer-readable medium, forgenerating a time-based multivariable secure facility alarm, comprisingexecutable instructions operative to cause one or more processors to:select a first person for alert monitoring; select alert monitorcriteria pertaining to the first person; select a plurality of alarmnotification rules; detect an occurrence that satisfies the alertmonitor criteria of a non-financial transaction event with the firstperson; obtain a second person identifier for a second person that isparty to the non-financial transaction event; detect an occurrence of asecond event between the first person and the second person, the secondevent being performed using a disparate system than the non-financialtransaction event, the occurrence of the second event satisfying thealert monitor criteria based on being between the first person and thesecond person; and generate an alarm notification, based upon theplurality of alarm notification rules, according to the occurrence ofthe non-financial transaction event and the occurrence of the secondevent being detected, wherein the alert monitor criteria includes atleast two events and a time period such that the alert monitor criteriais satisfied according to the at least two events occur within the timeperiod, the at least two events comprising the non-financial transactionevent and the second event, and wherein at least one event of the atleast two events is a non-telephonic event.
 10. The computer-readablemedium as recited in claim 9, wherein an at least one other event of theat least two events is a video visit.
 11. The computer-readable mediumas recited in claim 10, wherein the at least two events comprises atleast three events, and wherein a third event of the at least two eventsis a telephonic event.
 12. The computer-readable medium as recited inclaim 9, wherein at least one event of the at least two events is avideo visit.
 13. The computer-readable medium as recited in claim 9,wherein the at least two events are non-telephonic events.
 14. Thecomputer-readable medium as recited in claim 9, wherein the alarmnotification rules comprises whom to notify and a notification method,wherein the notification method is based on when the occurrence of thesecond event is detected during pre-defined periods of a week.
 15. Thecomputer-readable medium as recited in claim 9, wherein the alarmnotification is based on when the occurrence of the second event isdetected during a plurality of pre-defined calendar dates.
 16. Anapparatus for generating a time-based multivariable secure facilityalarm, the apparatus comprising: at least one processor; at least onenetwork interface; a memory; a software application, physically storedin the memory, comprising instructions operable to cause the at leastone processor and the apparatus to: select a first person for alertmonitoring; select alert monitor criteria pertaining to the firstperson; select a plurality of alarm notification rules; detect anoccurrence of a non-financial transaction event with the first personthat satisfies the alert monitor criteria; obtain a second personidentifier for a second person that is party to the non-financialtransaction event; detect an occurrence of a second event between thefirst person and the second person, the second event being performedusing a disparate system than the non-financial transaction event, theoccurrence of the second event satisfying the alert monitor criteriabased on being between the first person and the second person; andgenerate an alarm notification, based upon the plurality of alarmnotification rules, according to the occurrence of the non-financialtransaction event and the occurrence of the second event being detected,wherein the alert monitor criteria includes at least two events and atime period such that the alert monitor criteria is satisfied when theat least two events occur within the time period, the at least twoevents comprising the non-financial transaction event and the secondevent, and wherein at least one event of the at least two events is anon-telephonic event.